CVE-2024-2578

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPCoder WP Coder allows Stored XSS.This issue affects WP Coder: from n/a through 3.5...

EUVD-2024-27527

Malicious code in bioql PyPI...

EUVD-2023-12884

Malicious code in bioql PyPI...

EUVD-2025-3891

Malicious code in bioql PyPI...

CVE-2023-0895

The WP Coder – add custom html, css and js code plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in versions up to, and including, 2.5.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

CVE-2021-25053

The WP Coder WordPress plugin before 2.5.2 within the wow-company admin menu page allows to include arbitrary file with PHP extension as well as with data:// or http:// protocols, thus leading to CSRF RCE...

CVE-2025-24699

Cross-Site Request Forgery CSRF vulnerability in Wow-Company WP Coder wp-coder allows Cross-Site Scripting XSS.This issue affects WP Coder: from n/a through = 3.6...

CVE-2025-24699

Cross-Site Request Forgery CSRF vulnerability in Wow-Company WP Coder wp-coder allows Cross-Site Scripting XSS.This issue affects WP Coder: from n/a through = 3.6...

CVE-2025-24699

CVE-2025-24699 : WordPress WP Coder plugin is affected (versions up to 3.6). The issue is a CSRF that enables Cross‑Site Scripting (XSS) via the vulnerable plugin code. Public records identify the nature of the vulnerability as CSRF to XSS in WP Coder <= 3.6. Red Hat/RedHat-related and CVE dat...

CVE-2025-24699 WordPress WP Coder Plugin <= 3.6 - CSRF to Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Wow-Company WP Coder allows Cross-Site Scripting XSS. This issue affects WP Coder: from n/a through 3.6...

CVE-2025-24699 WordPress WP Coder Plugin <= 3.6 - CSRF to Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Wow-Company WP Coder wp-coder allows Cross-Site Scripting XSS.This issue affects WP Coder: from n/a through = 3.6...

WordPress plugin WP Coder 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...

WordPress WP Coder Plugin <= 3.6 - CSRF to Cross Site Scripting (XSS) vulnerability

CSRF to Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin WP Coder versions = 3.6...

CVE-2024-2578

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPCoder WP Coder allows Stored XSS.This issue affects WP Coder: from n/a through 3.5...

CVE-2024-2578

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPCoder WP Coder allows Stored XSS.This issue affects WP Coder: from n/a through 3.5...

CVE-2024-2578

CVE-2024-2578 affects WP Coder (WordPress plugin) with Stored XSS due to improper input handling during page generation in versions up to 3.5. A fix is available in 3.5.1; CVSS metrics vary by source (NVD v3.1 base score 4.8; PatchStack guidance lists ~5.9). No exploitation details are provided b...

WordPress Plugin WP Coder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin WP Coder A cross-site...

WordPress WP Coder Plugin <= 3.5 is vulnerable to Cross Site Scripting (XSS)

Software WP Coder Type Plugin Vulnerable versions = 3.5 Fixed in 3.5.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-2578 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID fff15d41931f Credits LeNgocHoa Required privilege Editor Published 18...

Cross site scripting

The Float menu WordPress plugin before 5.0.2, Bubble Menu WordPress plugin before 3.0.4, Button Generator WordPress plugin before 2.3.5, Calculator Builder WordPress plugin before 1.5.1, Counter Box WordPress plugin before 1.2.2, Floating Button WordPress plugin before 5.3.1, Herd Effects WordPre...

WordPress WP Coder Plugin <= 2.5.5 is vulnerable to Cross Site Scripting (XSS)

Software WP Coder Type Plugin Vulnerable versions = 2.5.5 Fixed in 2.5.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2362 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID f20e6f427663 Credits Erwan LR Required privilege...